﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

using CE.User;

public partial class management_ManagementSecureLogin : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            Page.Validate();
        }

        if (Session[CE.Global.General.UserId] != null && Session[CE.Global.General.UserTypeId] != null)
        {
            if (Convert.ToInt32(Session[CE.Global.General.UserTypeId]) ==
                Convert.ToInt32(CE.Global.CEUserType.SiteAdmin))
            {
                Response.Redirect("ManagementHome.aspx");
            }
        }
    }

    protected void btnSignIn_Click(object sender, EventArgs e)
    {
        if (IsValid)
        {
            AccountDB _accountdb = new AccountDB();
            Account _account = _accountdb.CheckEmail(txtManagementEmailAddress.Text.Trim(), 100);

            if (_account != null)
            {
                AccountStatus _accountstatus = new AccountStatus();
                AccountStatusDB _accountstatusdb = new AccountStatusDB();
                _accountstatus = _accountstatusdb.GetAccountStatus(_account.UserId, _account.UserTypeId);
                if (_accountstatus != null)
                {
                    if (_accountstatus.IsBlock == false)
                    {
                        if (txtManagementAuthCode.Text.Trim() == _account.AuthCode && _account.UserTypeId == Convert.ToInt32(CE.Global.CEUserType.SiteAdmin))
                        {                       
                            _accountstatusdb.UpdateAccountStatus(_account.UserId, _account.UserTypeId, 1);
                            DateTime dtNow = new DateTime();
                            dtNow = CE.Global.General.GetUTCDateTime();

                            Session[CE.Global.General.UserId] = _account.UserId;
                            Session[CE.Global.General.UserRole] = _account.UserRole;
                            Session[CE.Global.General.UserTypeId] = _account.UserTypeId;
                            Session[CE.Global.General.UserEmail] = _account.Email;
                            Session[CE.Global.General.StartTime] = dtNow.ToString();

                            ProfileDB _profiledb = new ProfileDB();
                            Profile _profile = new Profile();
                            _profile = _profiledb.GetProfile(_account.UserId);
                            if (_profile != null)
                            {
                                Session[CE.Global.General.UserName] = _profile.FirstName + " " + _profile.SurName;
                            }
                            else
                            {
                                Session[CE.Global.General.UserName] = "No Name";
                            }

                            LoginHistory _loghis = new LoginHistory();
                            _loghis.CEID = _account.UserId;
                            _loghis.UserTypeId = _account.UserTypeId;
                            _loghis.StartTime = dtNow;
                            _loghis.EndTime = dtNow;
                            _loghis.IsExpired = false;
                            _loghis.Status = "LOGIN";
                            LoginHistoryDB _loghisdb = new LoginHistoryDB();

                            Session[CE.Global.General.LoginHistoryId] = _loghisdb.Insert(_loghis).ToString();
                            //if (_account.UserId == 2)
                            //{
                            //    Response.Redirect("~/user/search_user.aspx?menu=0");
                            //}
                            //else
                            //{
                            //    Response.Redirect("ManagementHome.aspx");
                            //}
                            Response.Redirect("ManagementHome.aspx");
                        }
                        else
                        {
                            _accountstatusdb.UpdateAccountStatus(_account.UserId, _account.UserTypeId, 0);
                            lblMessage.Text = "Password wrong.";
                        }
                    }
                    else
                    {
                        lblMessage.Text = "Account Blocked. <br/> Contact your Admin";
                    }
                }
            }
            else
            {
                lblMessage.Text = "Email address wrong.";
            }
        }
    }

}
